Security issue: Gemtext link with a 'javascript:' URI executes JS when clicked

Open acidus99 opened this issue 3 years ago • 0 comments

Elaho will execute JavaScript when a user clicks a standard Gemtext link (`=> javascript:alert(555) hello!`)

This is similar to issue #41

Expected behavior: Elaho should not execute JavaScript found in javascript: URIs. URL schemes should probably follow an allow-list, where only specific, known schemes are allowed and operated on (e.g. http, https, gemini, mailto, etc.)

acidus99, Apr 10 '22 13:04
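
The scheme allow-list proposed in the issue above, sketched as an added example (not code from Elaho or from the issue's author). The names `ALLOWED_SCHEMES`, `classifyLink` and `renderLink` are hypothetical, the sample lines are constructed, and treating scheme-less targets as relative gemini links is an assumption.

```javascript
// Added example: allow-list check for Gemtext link lines ("=> URL label").
// All names here are hypothetical; this is not Elaho's implementation.
const ALLOWED_SCHEMES = new Set(["gemini", "http", "https", "mailto"]);

// RFC 3986 scheme: a letter followed by letters, digits, "+", "-" or ".".
const SCHEME_RE = /^([A-Za-z][A-Za-z0-9+.-]*):/;

function classifyLink(line) {
  // A Gemtext link line is "=>", optional whitespace, URL, optional label.
  const m = /^=>[ \t]*(\S+)(?:[ \t]+(.*))?$/.exec(line);
  if (!m) return null; // not a link line
  const url = m[1];
  const label = (m[2] || "").trim() || url;
  const s = SCHEME_RE.exec(url);
  // Assumption: no scheme means a relative reference, which resolves
  // against the current gemini:// page and so stays on an allowed scheme.
  const scheme = s ? s[1].toLowerCase() : null; // schemes are case-insensitive
  const allowed = scheme === null || ALLOWED_SCHEMES.has(scheme);
  return { url, label, scheme, allowed };
}

// Render step: only allowed links become clickable; the rest stay inert text,
// so the URL is never handed to a component that could act on it.
function renderLink(line) {
  const link = classifyLink(line);
  if (!link) return { kind: "text", text: line };
  return link.allowed
    ? { kind: "link", href: link.url, text: link.label }
    : { kind: "text", text: `${link.label} [blocked scheme: ${link.scheme}]` };
}

// Constructed sample lines; the first is the link from the report above.
const samples = [
  "=> javascript:alert(555) hello!",
  "=> JavaScript:alert(555) mixed case",
  "=> gemini://example.org/ Home",
  "=> docs/page2.gmi",
  "=> mailto:user@example.org Contact",
  "Plain text line",
];
for (const s of samples) console.log(JSON.stringify(renderLink(s)));
```

Anything not on the list, including schemes nobody thought to block, falls through to inert text, which is the advantage of an allow-list over rejecting `javascript:` alone.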